c) The Privacy of Social Networks Treaty is an international law that makes it illegal for Amar to

seek the login credentials from Vijay's social networking account.

d) Amar could be liable for violating Vijay's privacy rights if he hacks or breaks into areas of the
social networking site Vijay has designated as private

99 What is Mutual Legal Assistance (MLA)?

a) A process by which countries request and provide assistance in law enforcement matters
b) A letter whereby a criminal defendant requests that the government release exculpatory
information
c) A formal request by the courts of one country seeking judicial assistance from the courts of
another country
d) A formal request by the government of a country seeking information from a defendant residing
in another country

100 In most common law jurisdictions, for a document to be admitted into evidence, it must be
properly __________ that is, the party offering the document must produce some evidence to
show it is, in fact, what the party says it is.
a) Validated
b) Marked
c) Certified
d) Authenticated

1. The warehouse supervisor in ABC Ltd. has stolen ₹ 5 lakhs worth of inventory
over the last year. He has made no effect to conceal his theft in any of the inventory
records. During as analytical review of the financial statements, which of the
following red flag might the auditor find that would indicate the inventory theft?

a) The percentage change in cost of goods sold was significantly higher than the
percentage change in sales.
b) The percentage change in sales was significantly higher than the percentage
change in cost of goods sold.
c) Sales and cost of goods sold moved together.
d) None of the above.

2. When circumstantial evidence is offered to prove that a subject has more income
available than can be accounted for from legitimate sources, the subject often
responds with which of the following defences?

a) The subject has no taxable income.

b) The subject’s excess funds were deobligated.
c) The subject incurred substantial debts.
d) The subject's excess funds were received as gifts.

3. Which of the following statement concerning public records is most accurate?

 a) Public records are the primary source of individual health information
b) Public records are those maintained by public companies
c) Public records are valuable for obtaining background information on
individuals
d) Public records are useful for searching banking records

4. SQL injection is an attack in which …………… code is inserted into strings that
are later passed to an instance of SQL Server.

a) Non malicious
b) Clean
c) Redundant
d) Malicious

5. Section 66F of the Information Technology Act deals with …………………

a) Sending offensive messages

b) Cheating by personation
c) Privacy violation
d) Cyber terrorism

6. Which of the following is a method in which contractors can inflate labour costs
in negotiated contracts?

a) Use higher wage personnel to perform work at lower rates.

b) Subcontract to affiliated companies at inflated rates.
c) Account for learning curve cost reductions.
d) Use valid cost schedules.

7. Which of the following is the most appropriate type of question for fraud
examiners to ask during interviews to confirm facts that are already known?

a) Open
b) Leading
c) Complex
d) Narrative

8. Which of the following activities are included in the bid evaluation and award
phase of procurement involving open and free competition?

a) The procuring employees issue the solicitation document.

 b) The procuring employees develop the bid specifications.
c) The procuring employees assess the bids or proposals.
d) The procuring employees perform their contractual obligations.

9. In MS-Excel, what is the correct way to refer the cell C5 on Worksheet named
"Report" from Worksheet named "Sales Data"?

a) =[Sales Data]!C5
b) =$C$5
c) ='Sales Data'!C5
d) ="Sales Data"!$C$5

10. Act of obtaining information of a higher level of sensitivity by combining

information from lower level of sensitivity is called?

a) Aggregation
b) Data mining
c) Inference
d) Polyinstantiation

11. Bars, restaurants, and nightclubs are favourite businesses through which to
launder funds because:

a) It is easy to match the cost of providing food, liquor, and entertainment with
the revenues they produce.
b) They charge relatively low prices for services.
c) Sales are generally in cash.
d) All of these choices are correct.

12. ………… may not contain in Excel Formula.

a) Text Constant
b) Mixed Reference
c) Circular Reference
d) All of the above

13. In …………… fraud scheme, Procurement official acts above or below normal
scope of duties in awarding or administering contract.

a) Bribes and Kickbacks

b) Manipulation of Bids
c) Split Purchases
d) Unnecessary Purchases

14. Suppose you suspect there is a Ghost Employee scheme taking place in your
organisation and you want to compare the payroll records to the employee master
 file. Which data analysis technique would you use to match these two data
records?

a) Compliance verification
b) Correlation analysis
c) Join function
d) Gap Testing

15. All of the followings are hashing algorithms except ………………….

a) SHA
b) MFT
c) HAVAL
d) MD2

16. Common fraud schemes involving ATMs include all of the following Except:

a) Counterfeit ATM cards

b) Employee manipulation
c) Unauthorised access to PINs and account codes
d) Credit data blocking

17. In …………………………. Scheme, the company that initially conned a consumer

contacts that consumer and offers to help retrieve the lost money. However, the
investigation requires an upfront fee and the consumer is swindled again.

a) Retrieval
b) Double Hustle
c) Advance Fee
d) Scavenger

18. ……………….. can act as a "National Focal Point" for gathering information on
threats and facilitating the Central Government's response to computer based
incidents.

a) Intelligence Bureau
b) CBI
c) CERT-IN
d) Cyber Cell

19. ……………….. is a method of using software to extract usable information from

unstructured data.

a) Linguistic Analytics
b) The Fog Index
c) Textual Analytics
d) Benford's Law
20. Amar, a Fraud Investigator, is investigating Vijay, who is active on an online social
networking site in which he voluntarily shares information about himself. Amar
wants to search and extract information from Vijay's social network profile.
Which of the following is the most accurate statement about the privacy of
information Vijay shared through his social network profile?

a) To search for information that Vijay posted and made available to the public
through his social network profile, Amar must provide Vijay notice before
hand.
b) To access any information posted on Vijay's social network profile, Amar
must obtain some type of legal order from the jurisdiction in which Vijay
resides.
c) The Privacy of Social Networks Treaty is an international law that makes it
illegal for Amar to seek the login credentials from Vijay's social networking
account.
d) Amar could be liable for violating Vijay's privacy rights if he hacks or breaks
into areas of the social networking site Vijay has designated as private

21. Which of the following is typically the most effective way to document chain of
custody for a piece of evidence?

a) An affidavit signed by the forensic auditor swearing to the evidence's contents

b) Photographs of the evidence that clearly show what the evidence is and where
it was originally found
c) A memorandum with the custodian of the evidence when the evidence is
received
d) A video recording of the forensic auditor explaining the process used to collect
the evidence.

22. ……………… is the application of computer investigation and analysis techniques

in the interests of determining potential legal evidence.

a) Steganography
b) Computer Forensics
c) Both ( a & b )
d) None of the above

23. Because Digital evidence is different from tangible evidence, the rules regarding
its admissibility in court are very different from the rules governing the
admissibility of tangible evidence.

a) True
b) False

24. Building a business case can involve which of the following?

 a) Procedures for gathering evidence
b) Testing software
c) Protecting trade secrets
d) All of the above

25. A fraud scheme in which an accountant fails to write down obsolete inventory to
its current fair market value has what effect on the company's current ratio?

a) The current ratio will be artificially inflated.

b) The current ratio will be artificially deflated.
c) It is impossible to determine.
d) The current ratio will not be affected.

26. Which of the following is a legal element that must be shown to prove a claim for
fraudulent misrepresentation of material facts?

a) The defendant acted negligently.

b) The victim failed to exercise due care in relying on the representation.
c) The defendant had a duty to disclose the information.
d) The defendant made a false statement.

27. Mr. Ram has been retained by an attorney to testily as an expert witness at Mr.
Mallya's trial. Coincidentally. Mr. Ram also met Mr. Mallya while attending a
university many years earlier. The attorney is compensating Mr. Ram for his
services. Which of the following statements concerning conflicts of interest is
MOST ACCURATE?

a) Mr. Ram should not serve as an expert witness because he is being

compensated, which is a conflict of interest.
b) Mr. Ram should not serve as an expert witness because he knew Mr. Mallya
from attending the university, which is a conflict of interest
c) Mr. Ram can serve as an expert witness because there are not conflicts of
interest in this case.
d) Mr. Ram can only serve as an expert witness if he is able to objectively
evaluate and present the case issues.

28. Following are Red Flag Indicators of Phantom Vendors, except –

a) Invoiced goods or services cannot be located or verified

b) No employee Identification Number (EIN) provided
c) Invoice has an unusual or unprofessional appearance
d) Bid prices drop when a new bidder enters the competition
29. What is the most critical aspect of computer evidence?

a) Validation of digital evidence

b) Security of digital evidence
c) Collection of digital evidence
d) List of digital evidence

30. Keeping track of the amount of paper generated is one of the biggest challenges in
forensic audit. Which of the following is generally NOT a recommended practice
when organizing evidence?

a) Make a key document file

b) Segregate documents by witness
c) Establish a database early on
d) File all papers chronologically

31. Which of the following statements about how Forensic Auditors should approach
fraud examinations is CORRECT?

a) In most examinations, Forensic Auditors should start interviewing the suspect

and then work outward.
b) if an individual appears to be involved in the fraud scheme, he should be
interviewed first.
c) Fraud examinations should begin with general information that is known,
starting at the periphery, and then move to the more specific details.
d) All of the above.

32. Mr. Ram, Forensic Auditor, determines that a document that purports to be the
original writing of a famous author created fifty years ago, is actually made from
paper created no more than 2 years ago. Which of the following best describes the
document?

a) An Auto forgery
b) An Anachronism
c) An Indented Writing
d) None of the above

33. In asymmetric key cryptography, the private key is kept by …………………

a) Sender
b) Receiver
c) Sender and Receiver both
d) All the connected devices to the network

34. When gathering information for a fraud investigation, virtually all helpful
documentary evidence will come from internal sources.
 a) True
b) False

35. Which of the followings is an example of simple substitution algorithm?

a) Rivest, Shamir, Adleman (RSA)

b) Data Encryption Standard (DES)
c) Blowfish
d) Caesar cipher

36. Mr. Ram, Forensic Auditor, is conducting an admission seeking interview. Which
of the following strategies should Mr. Ram follow in his attempt to obtain a
confession?

a) Imply that time is of the essence to pressure the subject into confessing.
b) Conduct the interview in a firm, yet compassionate manner.
c) Minimise sympathy and maximise the perception of wrongdoing.
d) Avoid potential liability by making the accusation in the presence of outsiders.

37. Mr. Shyam is on the boards of two companies that compete in the highway
construction industry. Paul does not disclose this conflict, and he does not step
down from the board of either company. If Mr. Shyam's acts are discovered and
he is sued for violating his fiduciary duties, under what theory is the suit most
likely to be filed?

a) Violating the duty of fair competition

b) Violating the duty to disclose
c) Violating the duty of loyalty
d) Violating the duty of care

38. Which of the following is an information security goal that an e-commerce system
should strive to provide its users and asset holders?

a) Non repudiation
b) Exactness
c) Access authority
d) System reliability

39. What effect would improperly recording an expenditure as a capitalised asset

rather than as an expense have on the financial statement?

a) Expenses would be overstated, giving the appearance of poor financial

performance.
b) Net income would be falsely understated, lowering the company's tax liability.
c) Assets would be falsely overstated, giving the appearance of a stronger
company.
 d) None of the above

40. Sending offensive messages through communication service, causing annoyance

etc. through an electronic communication or sending an email to mislead or
deceive the recipient about the origin of such messages (commonly known as IP or
email spoofing) are all covered under .............................. of the Information
Technology Act.

a) Section 66A
b) Section 66D
c) Section 66E
d) Section 66F

41. As per DOT, using spoofed call service is illegal as per the ………………………

a) Indian Telegraph Act, Sec 25(c).

b) Indian Penal Code Act, Sec 25(c).
c) Indian IT Act, Sec 25(c).
d) Indian Telecommunication Act, Sec 25(c).

42. From a legal perspective, which rule must be addressed when investigating a
computer crime?

a) Search and seizure

b) Data protection
c) Engagement
d) Evidence

43. When a forensic investigator is seizing a running computer for examination, he

can retrieve data from the computer directly via its normal interface if the
evidence needed exists only in the form of volatile data.

a) TRUE
b) FALSE

44. In Interview situations, ………………… is defined as a "relation marked by

harmony, conformity, accord or affinity."

a) Norming
b) Rapport
c) Active Listening
d) Calibration

45. Which of the following is a recommended method for organising and presenting
information in a fraud examination report?
 a) By the order in which the information was discovered
b) By party
c) Chronologically
d) All of the above

46. What is the advantage of using a tape backup system for forensic acquisitions of
large data sets?

a) Tape backup system is more secure

b) Magnetic Tapes are condensation resistance
c) Magnetic Tapes are useful for long-term storage of data at infinite scale
d) Writing large data to Magnetic Tapes is faster as compared to other media

47. During the introductory phase of the interview, the interviewer should avoid terms
such as:

a) Investigation
b) Review
c) Inquiry
d) All of the above

48. In IDEA, Query can be written in …………………….

a) Formula Editor
b) Query Editor
c) Equation Editor
d) None of the above

49. …………………….. refers to any statistical process used to analyse data and draw
conclusions from the findings.

a) Data Analysis
b) Data Mining
c) Big Data
d) None of the above

50. Which of the following is not a component of “chain of evidence”?

a) Location evidence obtained.

b) Time evidence obtained.
c) Who discovered the evidence.
d) Identification of person who left the evidence.

51. In interviews, ……………………… communication involves the use of volume,

pitch, voice quality to convey meaning.

a) Kinetic
 b) Chronemic
c) Paralinguistic
d) Proxemic

52. Which of the following best describes Social Engineering?

a) A method for gaining unauthorised access to a computer system in which an

attacker bypasses a system’s security through the use of an undocumented
operating system and network functions.
b) A method for gaining unauthorised access to a computer system in which an
attacker hides near the target to obtain sensitive information that he can use to
facilitate his intended scheme.
c) A method for gaining unauthorised access to a computer system in which an
attacker deceives victims into disclosing information or convinces them to
commit acts that facilitate the attacker’s intended scheme.
d) A method for gaining unauthorised access to a computer system in which an
attacker searches through large quantities of available data to find sensitive
information that he can use to facilitate his intended scheme.

53. Which of the following is true for the Statistical sampling of data?

a) The auditor should not be restricted to explicit numbers as to materiality or

risk.
b) The auditor needs to employ professional subjective judgment.
c) Allows the auditor to maintain professional judgment in regard to audit risks
and materiality.
d) There is a unique issue where there is a need for a less rigid standardized
approach.

54. In MS-Excel, a function inside another function is called ……………………

a) Complex function
b) Multiple function
c) Nested function
d) Mixed function

55. What does MFT stand for?

a) Master Folder Table
b) Master Format Table
c) Master File Table
d) Master FAT Table
56. A utility designed to create a binary or hexadecimal number that represents the
uniqueness of a data set, such as a file or entire disk is called …………………….

a) Brute-Force Scripting
b) Bit locker
c) Hashing Algorithm
d) Binary Sniffing

57. For employee expense reimbursement request, electronic receipts are preferred to
paper receipts because they are more difficult to alter or forge.

a) True
b) False

58. When a caller ID display a phone number different from that of the telephone
from which the call was placed is called ………………………

a) Cellular Fraud
b) Caller ID Phishing
c) Caller ID Spoofing
d) Unethical Hacking

59. While examining a document, a fraud examiner notices some very faint indented
writings that might aid the examination if revealed. Which of the following would
be the forensic auditor's best course of action in analysing these indented writings?

a) Performing the pencil shading method

b) performing the pencil scratching method
c) Applying a few drops of liquid and observing the liquid's flow in the
indentations
d) Employing an expert to use an electrostatic detection apparatus

60. During an interview, Mr. Shyam, an employee at ABC Ltd, confesses to Mr. Ram,
Forensic Auditor, that he has been embezzling money from the company. Which
of the following pieces of information does Mr. Ram NOT have to obtain from Mr.
Shyam?

a) Information about involvement of other employees

b) A statement from Mr. Shyam that his conduct was an accident
c) An estimate of the amount of money Mr. Shyam embezzled.
d) The approximate date Mr. Shyam started embezzling the money.

61. ………………… was designed to protect against accidental errors, such as a digit
mistyping.
 a) Relative Size Factor
b) Luhn algorithm
c) Benford's Law
d) None of the above

62. In MS-Excel, while splitting Text String in a column with Text to Columns, the
data in original column can be retained.

a) True
b) False

63. What is the health care industry concerned about the potential effect of the
Electronic Data Interchange (EDI) on fraudulent activity?

a) Only a few types of health care transactions can be process by EDI.

b) The tools required to detect EDI fraud are difficult to use.
c) The efficiency of EDI allows for more vendors and thus more claims to
process.
d) All of the above.

64. Which of the following statement is True regarding a fictitious refund scheme?

a) The victim company's inventory is understated.

b) The amount of cash in the register balances with the register log.
c) Inventory is returned to the store.
d) All of the above.

65. Where is the data for roaming phones stored?

a) HLR (Home Location Register)

b) GSM (Global System for Mobile communications)
c) BTS (Base Transceiver Station)
d) VLR ( Visitor Location Register)

66. Which of the following is a method that investigators can use to detect
steganography?

a) Analysing files on a computer system for structural oddities that suggest

manipulation.
b) Determining whether the statistical properties of files deviate from the
expected norm.
c) Looking for visual anomalies in jpeg, bmp and other image files.
d) All of the above.

67. When searching regulatory securities records for information on a publicly traded
company, which of the following information is least likely to be found?
 a) Major events that are of interest to investors
b) Identity of the company's officers and directors
c) Identity of major owners of the company
d) The complete books and records of the company

68. Forensic Auditor visited a project site and discovered a road of sub-standard
quality. The road was built 50 percent narrower than specifications and lacked
road surfacing. Nevertheless, the contract was paid in full. It is
…………………………. Type of Fraud.

a) Product substitution
b) Substandard work
c) Deviation from specifications
d) Failure to deliver

69. Offences related to infringements of copy rights are extraditable offences.

a) True
b) False

70. Mr. Ram, Forensic Auditor, conducted an interview of Shyam, the controller of
the ABC Ltd. Mr. Ram asked the following question: "Since you were here when
the controls were developed, can you tell me how they came about?" This kind of
question is called ...........................

a) Complex Question
b) Controlled Answer Technique
c) Double Negative Question
d) Open Question

71. Which of the following is NOT a type of physical access control device that can be
used to control access to physical objects?

a) Biometric systems
b) Profiling software
c) Electronic access cards
d) Locks and keys

72. What part of a cloud implementation provides the virtual servers with access to
resources?

a) Hypervisor
b) Resource monitor
c) Resource auditor
d) Virtual Manager
73. A Forensic Auditor is deciding whether to conduct a traditional or a covert
examination for a suspected fraud. Which of the following factors would be most
favourable to conducting a covert examination?

a) There are sufficient details at the present time to apprehend the suspect.
b) The Forensic Auditor would like to determine who is responsible for known
losses occurring in a certain area.
c) The Forensic Auditor finds it important to collect information in a direct
manner from people possessing it.
d) The Forensic Auditor has several avenues through which he can obtain the
necessary information.

74. Before powering off a computer system, a computer crime investigator should
record contents of the monitor and ……………...

a) save the contents of the spooler queue.

b) backup the hard drive.
c) dump the memory contents to a disk.
d) collect the owner’s boot up disks.

75. Which of the two key functions is included in IDEA to identify exceptions,
irregularities, anomalies and errors?

a) Error Detection & Duplicate Detection

b) Anomalies Detection & Exception Detection
c) Anomalies Detection & Duplicate Detection
d) Gap Detection & Duplicate Detection

76. Which of the following types of transactions is most likely to use a Person-to-
person (P2P) payment system?

a) A person paying for movie tickets at an automated kiosk.

b) A person buying groceries at the supermarket.
c) A company using a bank's online payment system to make a loan payment.
d) A person buying a book on an online auction site.

77. Which of the following statement best describes the function of metasearch
engines such as Sputtr, Dogpile and Mamma?

a) Metasearch engines contain links to websites that are sorted into categories
b) Metasearch engines send user requests to several search engines and aggregate
the results for display
c) Metasearch engines narrow searches to only those search engines that achieve
the best results
d) None of the above
78. Which of the following facts would best support the defence of a law enforcement
officer against an allegation of entrapment?

a) The officer acted without malice

b) The officer acted based on a tip from a reliable source
c) The officer acted based on his suspicion of fraud
d) All of the above

79. Which of the following evidence collection method is most likely accepted in a court
case?

a) Provide a full system backup inventory.

b) Create a file -level archive of all files.
c) Provide a mirror image of the hard drive.
d) Copy all files accessed at the time of the incident.

80. What is the punishment for hacking of computers?

a) Three year imprisonment or 10 lakh rupees penalty or both

b) Life Imprisonment
c) Three year imprisonment or 5 lakh rupees penalty or both
d) Three year imprisonment or 2 lakh rupees penalty or both

81. Which of the following refers to investments that are designed to yield a tax benefit
to the investor?

a) Tax shelters
b) Tax havens
c) Secrecy jurisdictions
d) Money laundering havens

82. Which of the following is a limitation of Benford’s Law?

a) Benford's Law can only be applied to data sets listed in currency amounts.
b) Benford's Law cannot be applied to data sets with non-natural numbers.
c) Benford's Law only works on data sets with assigned numbers.
d) Benford's Law applies best to data sets with three digit numbers.

83. Mr. Ram, Forensic Auditor, is undertaking a data analysis engagement to identify
potential fraud at ABC Ltd. Which of the following lists the most appropriate
order in which he should conduct the steps involved in the data analysis process?

I. Cleanse and normalise the data

II. Build a profile of potential frauds
III. Analyse the data
IV. Obtain the data
V. Monitor the data
 a) IV, I, III, V, II
b) II, IV, III, I, V
c) II, IV, I, III, V
d) IV, II, I, V, III

84. A Forensic Auditor discovers that Mr. Shyam, a fraud suspect, has made dozens
of cash deposits over the last few months into a bank account. None of the deposits
have been Rs. 50,000 or more, and none of them have been below Rs. 45,000,
either. The currency reporting threshold for cash deposits at financial institutions
in the jurisdiction is Rs. 50.000. Based on this information, which of the following
schemes is Mr. Shyam most likely committing?

a) Cash Transactions Fraud

b) Suspicious Transaction Fraud
c) Smurfing
d) Channel Stuffing

85. Pharming differs from Phishing in that in a pharming scheme:

a) The attacker delivers the solicitation via telephones using Voice over Internet
Protocol instead of email.
b) The attacker delivers the solicitation message via SMS instead of email.
c) The attacker does not have to rely on having the user click on a link in an
email to direct him to malicious website that is imitating a legitimate website.
d) The attacker has to rely on having the user click on a link in an email to direct
him to the malicious website that is imitating a legitimate website.

86. A virus that changes as it spreads is called what?

a) Multipartite
b) Armored
c) Changeling
d) Polymorphic

87. Which of the following functions does a Benford's Law analysis help to achieve?

a) Measuring the relationship between items on financial statements by

expressing accounts as percentages.
b) Extracting usable information from unstructured text data.
c) Identifying duplicate payments
d) Identifying fictitious numbers.

88. …………………………... is a powerful test for detecting errors.

a) Relative Size Factor

b) Luhn algorithm
 c) Benford's Law
d) None of the above

89. The encoding step of a ………………… system identifies redundant bits and then
replaces a subset of them with data from a secret message.

a) Phishing
b) Steganographic
c) SQL Injection
d) Key Logging

90. Which of the following methods might be used to conceal a sham loan transaction
in which the loan officer receives part of the proceeds (kickback)?

a) Letting the loan go into arrears

b) Charging off the loan as a bad loan
c) Digging the loan on the books
d) Turning the loan over to a collection agency

91. Following are part of Planning Phase in Data Analysis Process, except:

a) Understand the data

b) Build a profile of potential frauds
c) Obtain the data
d) Determine whether predication exists

92. Which of the following is an example of the Array Formula in MS-Excel?

a) =IF(A2:D4=3,MAX(A5:A10))
b) =IF(A2>=3,MAX(A5:A10))
c) =IF(A2<=3,MAX(A5:A10))
d) None of the above

93. Which of the following is TRUE concerning the volatility of digital evidence?
a) Even the integrity of digital evidence has been violated through alteration or
destruction, it can be restored easily.
b) The failure to preserve the integrity of digital evidence could result in
evidence being deemed inadmissible in a legal proceeding
c) Digital evidence is less volatile than tangible evidence because data cannot be
altered or destroyed easily than tangible information
d) None of the above

94. Which of the following situation is often present in real estate fraud schemes?

a) A false appraisal report

b) No expert assistance at closing
c) The services of an arm’s length representative
 d) All of the above

95. Which of the following is one of the objectives on which the international
Organization of Securities Commissions (IOSCO) Objectives and Principles of
Securities Regulation are based?

a) Enhancing the financial system's growth

b) Ensuring that markets are fair, efficient, and transparent
c) Harmonizing securities laws and standards across the globe
d) Eliminating market risk

96. In MS-Excel, which of the following function would you use to compare two text
strings in a database?

a) EXACT
b) MATCH
c) VLOOKUP
d) All of the above

97. Which of the following attack targets an application's backend database?

a) Phishing
b) Evading detection
c) URI Hacking
d) SQL Injection

98. Suppose that a forensic auditor is going to testify at trial about an examination
report for a complex case, and the report contains summaries of the key
documents that were created by someone other than the forensic auditor. Which
of the following best describes what the forensic auditor should know about the
documents underlying the summaries?

a) The forensic auditor must have read and analysed every document in the case.
b) The forensic auditor should conduct a complete review of the documents
underlying the summaries.
c) The forensic auditor does not need to review the documents underlying the
summaries.
d) The forensic auditor only needs to review some of the documents underlying
the summaries for quality assurance.
 99. In MS-Excel, you can group non-contiguous worksheets with
………………………

a) Group button on the standard toolbar

b) Ctrl key and the mouse
c) Shift key and the mouse
d) None of the above

100. Which of the following is a type of information that can be obtained from the deep
web?

a) An old version of a web page that has since been updated.

b) Websites without any links pointing to them.
c) An archived version of a web page that is no longer online.
d) Web content indexed by standard search engines.